baoshuo/S2OJ
baoshuo/S2OJ
1
1
Fork 0
mirror of https://github.com/renbaoshuo/S2OJ.git synced 2024-09-16 19:35:18 +00:00
Code Issues Actions Packages Releases Activity

fix(web): json_encode for REQUEST_URI enter in /reset-password

Browse Source 
Ref: https://huntr.dev/bounties/75bd6901-5760-412d-96fc-b664e4644fea/
This commit is contained in:
billchenchina 2021-09-09 21:38:08 +08:00
parent ebf541ab91
commit e357d1cb91
No known key found for this signature in database
GPG Key ID: 90EAD6E362C2E2D3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/app/controllers/reset_pw.php
View File

@ -63,7 +63,7 @@ $(document).ready(function() {
if (!validateResetPwPost()) {
return false;
}
$.post('<?=$_SERVER['REQUEST_URI']?>', {
$.post(json_encode(<?=$_SERVER['REQUEST_URI']?>), {
reset : '',
newPW : md5($('#input-password').val(), "<?= getPasswordClientSalt() ?>")
}, function(res) {